So much for the acknowledgment of concerns regarding the care.data fiasco and cautions provided by the earlier Caldicott Report or research on reidentification of supposedly deidentified (anonymised) sensitive personal information.
The controversial move raises questions over civil liberties and confidentiality and prompted immediate condemnation by Tory MP David Davis who branded it “borderline insane”.
Treasury Minister David Gauke is overseeing the plans to sell information on taxpayers, supposedly anonymously, to businesses, researchers and public bodies where it there is a “public benefit”.
Suitable precautions will, the government insisted, be put in place to ensure all data passed on to third parties is anonymous but there are doubts such a promise can be kept.
HMRC is already notorious for its loss of data on 25 million child benefit claimants.Davis reported as commenting
The officials who drew this up clearly have no idea of the risks to data in an electronic age. Our forefathers put these checks and balances in place when the information was kept in cardboard files, and data was therefore difficult to appropriate and misuse.
It defies logic that we would remove those restraints at a time when data can be collected by the gigabyte, processed in milliseconds and transported around the world almost instantaneously.Unresponsiveness to concerns aside, what is particularly interesting from the reporting is the indication that the Government doesn't expect to make much money from release of the data -
The proposals were originally announced last year but have only now come to public attention. The next stage is for the plans to be published in draft legislation but no date for such a move has yet been set.
A spokesman for HMRC said: ”No final decisions have been taken, but HMRC remains committed to safeguarding taxpayer confidentiality.”
“HMRC would only share data where this would generate clear public benefits, and where there are robust safeguards in place.”
“There would be a rigorous accreditation process for anyone wanting access to the data and that any access would take place in a secure environment. Those accessing data would be subject to the same confidentiality provisions as HMRC staff, including a criminal sanction for unlawful disclosure of taxpayer information.”
“HMRC will be consulting further and will ask for views on whether to charge to cover the costs of processing and providing anonymised data. This would not be charging for the data itself, purely covering the costs of providing it.The authors of the plan might usefully take a few hours out to read The Blunders of Our Governments (Oneworld, 2013) by Anthony King and Ivor Crewe.
The Guardian reports -
The government has strict rules about what can be released outside HMRC, with a near total ban on data sharing unless it is beneficial for the organisation's internal work. But despite the restrictions, HMRC has quietly launched a pilot programme that has released data about VAT registration for research purposes to three private credit ratings agencies: Experian, Equifax and Dun & Bradstreet.
To comply with the law, the private ratings agencies, which determine credit scores for millions of people and businesses, have been contracted to act on behalf of HMRC and are "therefore treated as part of the department" – giving them access to tax data about businesses that would otherwise be confidential.
The government's plans to change the law to allow the sale of anonymised individual tax data and release of the VAT register were buried in documents as part of the autumn statement and recent budget.
Emma Carr, of Big Brother Watch, said the government should not try to sneak the plans through without a public debate. She said: "The ongoing claims about anonymous data overlook the serious risks to privacy of individual level data being vulnerable to reidentification."
During the consultation process officials acknowledged there were "concerns around the dangers of individual identities being disclosed inadvertently" but they believe the data can be appropriately protected.
Stephen Coleclough, president of the Chartered Institute of Taxation, said HMRC had failed to grasp the "worrying and dangerous" implications of what would be made into law.
"We are concerned that even the strictest safeguards and deterrents may not prevent misuse of the data, or identification of the underlying taxpayer," he said. "There are already examples of aggregate data being provided at such a granular level which would enable identification of the relevant individuals, and we are anxious that any broadening of HMRC's powers of disclosure will inevitably lead to the identification of individuals, and a consequential breakdown in trust between HMRC and taxpayers, not to mention contravention of legislation such as the Human Rights Act."
The Treasury confirmed it was proceeding with plans to legislate to make aggregated and anonymised data more widely available, as set out in an HMRC document that said: "The government has decided to proceed with the proposal to remove the legal restrictions that currently limit HMRC's ability to share anonymised individual level data for the purpose of research and analysis and deliver public benefits wider than HMRC's own functions, but they accept that this must be done only where there are sufficient safeguards in place to protect taxpayer confidentiality.